At times, companies have their financial statements, policies, and procedures reviewed by a third party called an auditor. This review process is called a financial statement audit. The auditor examines a company’s financial documents to determine if that company’s financial statements conform to Generally Accepted Accounting Principles (GAAP). The purpose of the audit is to provide assurance that the financial statements, and assertions provided by company management, are complete and accurate.
In the United States, the Securities and Exchange Commission (SEC) requires all companies with publicly traded stock to hire a third party to complete financial audits as least once a year. Private firms may be required to undergo an audit by their investors, lien holders, or other fiduciary interests. The IRS may also require a financial statement audit as part of a tax audit.
Generally, this audit is completed in several steps, including the planning phase, sample testing, controls and transaction testing, disclosure testing, final reporting, and delivery of the auditor’s opinion. The audit planning phase occurs prior to the end of the company’s financial cycle. The company determines the cycle, which is usually quarterly or annually.
Next, the auditor reviews and tests a small sample of the company’s financial transactions and reporting procedures. The goal of sample testing is to determine areas of audit risk, which occurs when a transaction is lacking documentation. If the auditor finds insufficient controls in place when reviewing policies and procedures, this also creates audit risk.
The audit continues with testing of a large portion of financial transactions in the controls and testing phase, which makes up the bulk of the process. The auditor places special emphasis on those transactions that created audit risk during the sample testing phase. The auditor reviews all documentation, as well as authorization and approval of the financial transactions.
Auditors also review the company’s segregation of duties during this phase. Segregation of duties helps create a system of checks and balances within the company. For example, a person who submits an invoice for payment should not be the same person who approves the invoice and sends out the payment.
It is also the auditor’s responsibility to review company management’s disclosures in financial statements. Testing is required to support the financial assertions in their disclosures. The auditor reviews the documentation supplied by the company to support any claims made in the financial statement.
Once the testing and review phases are complete, the auditor can finalize the financial statement audit. The auditor summarizes the findings in a written report that is delivered to company management. Finally, he or she issues an opinion based on its final report.
An unqualified opinion signifies that the financial statements conform to GAAP. An auditor can issue a qualified opinion if, during the audit, it finds a deviation from GAAP, or if the audit could not be completed for some reason. An adverse opinion may be issued if the auditor finds material misstatements, or if procedures do not follow GAAP standards. The opinion is usually published with the company’s financial numbers in its annual report.
If the auditor cannot issue a financial statement audit opinion, it may issue a disclaimer. This disclaimer will explain why an opinion could not be delivered. Reasons for this can include that the scope of the audit was limited, or that a material conflict of interest exists. The disclaimer may also state that the auditor questions the company’s financial strength and ability to continue to do business.